Data processing system with data transmit capability

ABSTRACT

A data processing system with data transmit capability comprising an operating system for supporting processes, such that the process are associated with one or more resources and the operating system being arranged to police the accessing by processes of resources so as to inhibit a process from accessing resources with which it is not associated. Part of this system is an interface for interfacing between each process and the operating system and a memory for storing state information for at least one process. The interface may be arranged to analyze instructions from the processes to the operating system, and upon detecting an instruction to re-initialize a process cause state information corresponding to that pre-existing state information to be stored in the memory as state information for the re-initialized process and to be associated with the resource.

1. PRIOR APPLICATION DATA

This application is a continuation of, claims priority to and the benefit of U.S. patent application Ser. No. 11/982,148 filed Oct. 31, 2007, issued as U.S. Pat. No. 8,782,642, which is a divisional application of U.S. patent application Ser. No. 11/900,377 filed on Sep. 10, 2007, issued as U.S. Pat. No. 8,650,569, which is a continuation of and claims priority to PCT Application No. PCT/GB2006/000852 filed on Mar. 10, 2006, which claims priority to Great Britain Application No. 0505300.4 filed Mar. 15, 2005.

2. FIELD OF THE INVENTION

This disclosure relates to data processing systems.

3. RELATED ART

In the field of computer systems it is generally necessary to determine an appropriate path by which to transmit instructions between elements of a computer. Typically the path is defined by the operating system running on the computer, but it is known that other processes can intervene in some situations to alter the path that instructions take. For example an application which wishes to use a hot-pluggable input-output device will take an instruction path which is determined by a hot-plug controller device according to the particular device which is resident in the system at that time.

For example, the application can invoke a system call (syscall) for transmission of data through the socket and then via the operating system to the network. Syscalls can be thought of as functions taking a series of arguments which cause execution of the CPU to switch to a privileged level and start executing the operating system. A given syscall will be composed of a specific list of arguments, and the combination of arguments will vary depending on the type of syscall.

Syscalls made by applications in a computer system can indicate a file descriptor (sometimes called a Handle), which is usually an integer number that identifies an open file within a process. A file descriptor is obtained each time a file is opened or a socket or other resource is created. File descriptors can be re-used within a computer system, but at any given time a descriptor uniquely identifies an open file or other resource. Thus, when a resource (such as a file) is closed down, the descriptor will be destroyed, and when another resource is subsequently opened the descriptor can be re-used to identify the new resource. Any operations which for example read from, write to or close the resource take the corresponding file descriptor as an input parameter. Existing data processing system suffer from various drawbacks in this regard.

In addition, in order to transmit data between data processors in a network such as an Ethernet network, data is formed into packets. Each packet includes a header specifying the destination of the data in the packet. In an Ethernet network the destination is typically specified by means of an Ethernet address, an Internet Protocol (IP) address and a Transmission Control Protocol (TCP) address.

In known network systems it is common for network routing rules to be stored in tables or other data structures such that when a transmission of data is requested the tables can be accessed to determine the appropriate addresses to which to send the data, and the contents of the packet headers can thus be created. Such tables are generally stored by the operating system of the terminal device that is to send the data, for example a personal computer or server.

Layers of the stack include an application and a socket provided by a socket library. The socket library is an application program interface (API) for building software applications. The socket library can carry out various functions, including creating descriptors and storing information. Additionally, there is an operating system (OS) comprising a TCP kernel and a proprietary TCP user-level stack.

In order to perform routing the user-level stack must use a routing table. One option would be for the user-level stack to maintain its own routing tables independently of the OS. However, this would require the user-level stack (in addition to the OS) to have access to all the communications necessary for establishing a routing table. There would then be ambiguity as to where those communications should be directed. Alternatively, the user-level stack may be able to access the routing tables stored by the OS. Since the user-level stack may have to access the tables very frequently during operation, accessing the routing tables stored by the OS is likely to create a significant workload for the system and so it can be expected to be inefficient for an application to be required to access tables in the OS each time it wishes to transmit data across the network. This is a drawback to the prior art.

It is further known that in computer systems, regions of memory are commonly shared between more than one application. Applications which are running are known as processes, and more than one process in a computer may require access to the shared memory at the same time. However, the regions of memory will typically be controlled by means of an operating system which will provide support to enable only one application at a time to access the shared memory space, as discussed in more detail below.

Multiple threads can exist within a single application process and can execute concurrently with access to all the memory of the application context. Thus, there may be multiple threads within each application wishing to access the shared memory. If more than one process or thread were permitted concurrent access to the memory then the application would be likely to crash since the same region of memory cannot be modified simultaneously by more than one set of instructions. Therefore, it is known to provide a lock associated with the memory. The lock can be changed between an unlocked state when no application is accessing the region of memory and a locked state when the memory is being accessed. Thus, when one thread (L) has access to the shared memory, the lock associated with the memory will enter a locked state, indicating that the memory cannot currently be accessed by other threads. When another thread (T) makes an attempt to access the memory while the thread L has access, the thread T will not be permitted access and will need to wait until the memory becomes available.

Spin-locks are commonly used by processes attempting to access shared memory. When a process makes an attempt to access the memory the process will either obtain the lock or it will not. If it fails, a decision must be made about how to proceed. If the process cannot proceed with any other operations until the lock is obtained then it will block and repeatedly attempt to access the memory until the lock is finally obtained. This can obviously be inefficient. An alternative is for the process to request a callback, so that when the lock is released the process is woken and can then re-try the lock. Although this can eliminate the requirement for a process to continually try the lock, it can still be inefficient because the process may not be able to carry out other operations while waiting for the memory access. In other words, it may have to block while waiting for a wake-up from the operating system.

In known systems, attempts made by threads to enter the memory space while it is being used can cause an entry to be added to a queue so as to indicate that the threads are awaiting access to the memory. If the memory is busy then, when it subsequently becomes available, a “wake-up” call can be sent to any waiting threads or applications. The waiting threads or applications are thus alerted to the availability of the memory and can then each make a further attempt to access the memory. Typically, the first thread or application to attempt to access the memory will be given access, although other scheduling algorithms are employed where appropriate. When an application successfully engages the memory, the lock will enter a locked state and access to the memory will be prevented to other applications.

It is also known for an application, on releasing a lock, to send a system call (syscall) to a driver within the operating system to initiate the sending of a wake-up call to waiting applications. The driver on receiving a syscall instructing a wake-up call, would access the queue to determine which applications are waiting, and send wake-up calls to the appropriate applications.

This arrangement has the following disadvantages. First, it can be inefficient for applications to have to make repeated attempts to access the memory. Second, some applications will have a higher priority than others and it can be very inefficient for a high priority application to be made to wait and make several access attempts before being permitted access to the memory. For example, an application may be blocked until it can access the memory, and it can therefore be important for that application to be treated as a high priority. Also the priority of all the waiting threads cannot be easily expressed in terms of the Operating System level inputs to the scheduling algorithm and is only known (or expressed) by the particular application and driver code.

Various embodiments are disclosed herein for overcoming the drawbacks in the prior art and for providing additional advantages and benefits for data processing systems and the methods associated therewith.

SUMMARY

To overcome the drawbacks of the prior art and provide additional benefits and features, a data processing system is disclosed. In one embodiment the system comprises an operating system for supporting processes such that each process is associated with one or more resources. The operating system is arranged to police the accessing by processes of resources so as to inhibit a process from accessing resources with which it is not associated, and being responsive to instructions of a certain type to re-initialize a process. Also part of this embodiment is an interface for interfacing between each process and the operating system. A memory is provided for storing state information for at least one process such that the state information is associated with a resource. In addition, the interface is arranged to analyze instructions from the processes to the operating system, upon detecting an instruction to re-initialize a process so as to be associated with a resource that is associated with pre-existing state information. This causes state information corresponding to that pre-existing state information to be stored in the memory as state information for the re-initialized process and to be associated with the resource.

Also disclosed herein is a data processing system comprising an operating system that stores a first network routing table that comprises one or more entries each indicating at least part of a route over a network to a respective destination. This system also comprises a transmission support function arranged to maintain a copy of the first network routing table and a network data transmission function arranged to transmit data in accordance with the copy network routing table and without accessing the first network routing table.

In one embodiment, a data processing system is arranged to control access by a plurality of processes to a region of shared memory. In such an embodiment, the data processing system is configured to prevent more than one process from concurrently accessing the region of shared memory and establish a data structure for holding items of a first type. These each comprise an indication of another of the plurality of processes, which are attempting to access the region of shared memory, and a definition of an operation on the region of shared memory. In addition, on a process finishing accessing the region of shared memory, action an item in the data structure by performing the defined operation by other than the process indicated in that item.

Also disclosed herein is a data processing system comprising an operating system for supporting processes such that the operating system is arranged to output data by addressing the data to a descriptor corresponding to the intended destination of the data. Also part of this embodiment is an interface for interfacing between each process and the operating system. A memory is provided including one or more address spaces and there is an address space corresponding to each of the processes for use by the respective process. Also, a data communication stack is provided or created for one of the processes such that the stack is located in the address space corresponding to the respective process and having a descriptor allocated to it. In this embodiment, the interface is arranged to analyze requests to alter the allocation of a descriptor sent by the processes towards the operating system to identify whether such a request relates to altering the allocation of the descriptor allocated to the stack, and if it does, allocate a different descriptor to the stack and subsequently permit the request to be processed.

Also disclosed herein is a method of compiling a data structure in a computer system such that the computer system is arranged to perform protocol processing and transmit data via an interface based on routing instructions. This method may be performed by a socket library, such as a socket library containing a TCP/IP stack, within the computer system. In addition, a program may be used to cause or program the computer system to compile the data structure in accordance with the method. A computer system programmed in this manner, and a data carrier carrying the program is also disclosed.

In one embodiment, the method comprises receiving a first instruction and determining the route indicated by the first instruction. The first instruction also identifies a descriptor which uniquely identifies an open file, socket, or other resource. Thus, the first instruction may be an instruction which provides a route to transmit data between elements of a computer such as a system call. For example, the first instruction could be a system call for transmission of data through a socket.

In this embodiment, an interface within the determined route is identified and an attempt is made to determine ownership of the interface. The interface may be a port on a network interface card. Ownership typically refers to the allocation of a resource, such as the interface, to an entity, such as a process, and may imply that access to that resource is limited to that entity. In some embodiments, ownership of the related descriptor may determine ownership of the interface. In addition, the ownership determination may be based on system-wide rules defining routes for transmitting data.

An entry in the data structure is created to store the result of the attempt to determine ownership along with the descriptor's identifier. The data structure is comprised of these entries and additionally provides routing information related to the descriptors within these entries to socket libraries or other libraries. In one or more embodiments, the state of the descriptor may indicate ownership by the operating system's kernel, ownership by another entity, or unknown ownership. The entries are used to efficiently identify ownership of a particular descriptor for subsequent instructions. For example, once an entry for a descriptor has been made, a subsequent instruction may be quickly routed to the kernel or another entity simply by accessing the descriptor's entry and reading its state.

The entries in the data structure may become obsolete for various reasons including but not limited to closing the descriptor, policy changes, or route updates caused by changes to network topology. In these cases, an indication that the descriptor's ownership may have changed is received, and the descriptor's entry in the data structure is changed to indicate its ownership is unknown. A subsequently received instruction identifying the descriptor will then cause the descriptor's entry to be updated with the determined ownership of an identified interface. As above, the interface is identified by determining the route specified by the instruction and identifying an interface within that route.

A computer system being arranged to perform protocol processing and transmit data via an interface on the basis of instructions in accordance with a route may route data by utilizing the above described data structure. When an instruction indicating a descriptor is received, the data structure is accessed to determine the indicated descriptor's state (i.e. ownership). The instruction is then directly transmitted according to a corresponding route without the high overhead of first being sent to the operating system. In one or more embodiments, routing may be performed by a socket library and the data structure may be stored within the socket library if desired.

Other systems, methods, features and advantages of the invention will be or will become apparent to one with skill in the art upon examination of the following figures and detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims.

BRIEF DESCRIPTION OF THE DRAWINGS

The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the invention. In the figures, like reference numerals designate corresponding parts throughout the different views.

FIG. 1 shows a prior art computer system.

FIG. 2 represents a series of operations in a computer system.

FIG. 3 shows a computer system in accordance with embodiments of the present invention.

FIG. 4 shows a descriptor table.

FIG. 5 shows an arrangement of tables in accordance with an embodiment of the present invention.

DETAILED DESCRIPTION

The embodiments of the invention described herein may include any one or more of the features described in relation to other inventions. As such various different embodiments may be configured with any element, feature, or step, disclosed herein, either alone or in combination.

This invention relates to the transmission of data in computer systems. In the field of computer systems it is generally necessary to determine an appropriate path by which to transmit instructions between elements of a computer. Typically the path is defined by the operating system running on the computer, but it is known that other processes can intervene in some situations to alter the path that instructions take. For example an application which wishes to use a hot-pluggable input-output device will take an instruction path which is determined by a hot-plug controller device according to the particular device which is resident in the system at that time.

FIG. 1 represents equipment capable of implementing a prior art protocol stack, such as a transmission control protocol (TCP) stack in a computer connected to a network. The equipment includes an application 1, a socket 2 and an operating system 3 incorporating a kernel 4. The socket connects the application to remote entities by means of a network protocol, in this example TCP/IP. The application can send and receive TCP/IP messages by opening a socket and reading and writing data to and from the socket, and the operating system causes the messages to be transported across the network. For example, the application can invoke a system call (syscall) for transmission of data through the socket and then via the operating system to the network.

Syscalls made by applications in a computer system can indicate a file descriptor (sometimes called a Handle), which is usually an integer number that identifies an open file within a process. A file descriptor is obtained each time a file is opened or a socket or other resource is created. File descriptors can be re-used within a computer system, but at any given time a descriptor uniquely identifies an open file or other resource. Thus, when a resource (such as a file) is closed down, the descriptor will be destroyed, and when another resource is subsequently opened the descriptor can be re-used to identify the new resource. Any operations which for example read from, write to or close the resource take the corresponding file descriptor as an input parameter.

When a network related application program interface (API) call is made through the socket library this causes a system call to be made, which creates (or opens) a new file descriptor. For example the accept( ) system call takes as an input a pre-existing file descriptor which has been configured to await new connection requests, and returns as an output a newly created file descriptor which is bound to the connection state corresponding to a newly made connection. The system call when invoked causes the operating system to execute algorithms which are specific to the file descriptor. Typically there exists within the operating system a descriptor table which contains a list of file descriptors and, for each descriptor, pointers to a set of functions that can be carried out for that descriptor. Typically, the table is indexed by descriptor number and includes pointers to calls, state data, memory mapping capabilities and ownership bits for each descriptor. The operating system selects a suitable available descriptor for a requesting process and temporarily assigns it for use to that process.

Certain management functions of a computing device are conventionally managed entirely by the operating system. These functions typically include basic control of hardware (e.g. networking hardware) attached to the device. When these functions are performed by the operating system the state of the computing device's interface with the hardware is managed by and is directly accessible to the operating system. An alternative architecture is a user-level architecture, as described in WO 2004/079981 and the applicant's copending PCT application claiming priority from GB 0408876.1. In a user-level architecture at least some of the functions usually performed by the operating system are performed by code running at user level. In a user-level architecture at least some of the state of the function can be stored by the user-level code. This can cause difficulties when an application performs an operation that requires the operating system to interact with or have knowledge of that state.

In embodiments of the present invention syscalls passing through the socket can be analyzed to establish the file descriptor and any information identified in the syscall that indicates the path by which the syscall is to be directed, and decisions can thereby be made by the socket so that the syscall can be transmitted in a suitable way from the socket.

An example of a syscall is Dup2(a,b), which has the effect of duplicating the file or other resource represented by descriptor “a” and creating a new resource represented by descriptor “b” and having the same properties. One example of when such a call might be useful is when a descriptor that has a system-wide significance (for example the descriptor that maps on to error output—commonly descriptor #2) is to be redirected on to some other file or device.

Other examples of syscalls are fork( ) and exec( ). A fork( ) call typically creates a new process (child) from the old one (parent) which initially shares all state including memory mappings and file-descriptors. After a successful fork( ), two copies of the original code will be running. An exec( ) call can then be requested for the child process. This will replace the current process image with a new process image, but details of the child process can be preserved. For example, specific file descriptors can be preserved in the child and (often) closed by the parent; thus handing over control of a file descriptor from a parent to a new child process.

According to a first aspect of the present invention there is provided a method of compiling a data structure in a computer system, the computer system being arranged to perform protocol processing and transmit data via an interface on the basis of instructions in accordance with a route, the method comprising: receiving a first instruction including an indication of a descriptor; determining a route indicated by the first instruction; identifying an interface within the determined route; attempting to determine the ownership of the interface; and causing an entry to be made in the data structure, the entry including an identifier of the descriptor and a state of the descriptor, wherein the state represents the result of the attempting step.

The method is preferably performed by a socket library in the computer system. The socket library preferably contains a TCP/IP stack.

The state may be a state from the list comprising A, B and C, where: A indicates ownership by a kernel of an operating system in the computer system; B indicates ownership by another owner; and C indicates unknown ownership. The first instruction could suitably be a system call. The descriptor is preferably a file descriptor. The determined ownership of the interface could conveniently be taken to be the ownership of the descriptor. The step of attempting to determine the ownership of the interface preferably includes accessing system-wide rules defining routes for transmitting data.

The method could further comprise: receiving a second instruction including an indication of the descriptor; accessing the data structure to determine the state of the descriptor; and routing the second instruction based on the determined state of the descriptor.

The method could additionally comprise: receiving an indication that the ownership of the descriptor may have changed; and changing the entry in the data structure to indicate the state of the descriptor as C.

The method could further comprise updating the state of the descriptor in the data structure by: receiving a third instruction including an indication of the descriptor; determining a route specified by the third instruction; identifying an interface within the determined route; attempting to determine the ownership of the interface; and based on the determined ownership of the interface, updating the said entry in the data structure to indicate the current ownership of the descriptor.

According to a second aspect of the present invention there is provided a data structure accessible by a socket library in a computer system, the data structure comprising one or more entries each including an identifier of a descriptor and a state of the descriptor, wherein the state represents the ownership of the descriptor, and wherein accessing the data structure can provide routing information relating to the descriptor.

According to a third aspect of the present invention there is provided a method of routing data in a computer system, the computer system being arranged to perform protocol processing and transmit data via an interface on the basis of instructions in accordance with a route, the method comprising: receiving a first instruction including an indication of a first descriptor; accessing a data structure storing, for each of one or more descriptors, an identifier of the descriptor and a state of the descriptor, wherein the state represents the ownership of the descriptor; determining the state of the first descriptor; in accordance with the determined state, determining a route; and transmitting the first instruction in accordance with the determined route. The method is preferably performed by a socket library in the computer system. The data structure is preferably stored at the socket library.

According to a fourth aspect of the present invention there is provided a program for programming a computer system to compile a data structure, the computer system being arranged to perform protocol processing and transmit data via an interface on the basis of instructions in accordance with a route, the program being arranged to cause the computer system to compile the data structure by a method comprising: receiving a first instruction including an indication of a descriptor; determining a route indicated by the first instruction; identifying an interface within the determined route; attempting to determine the ownership of the interface; and causing an entry to be made in the data structure, the entry including an identifier of the descriptor and a state of the descriptor, wherein the state represents the result of the attempting step.

According to a fifth aspect of the present invention there is provided a computer system programmed with a program as defined above. According to a sixth aspect of the present invention there is provided a data carrier carrying a program as defined above.

FIG. 3 shows components implementing a TCP stack for use in accordance with embodiments of the present invention. Layers of the stack include an application 1 and a socket 2 provided by a socket library. The socket library is an application program interface (API) for building software applications. The socket library can carry out various functions, including creating descriptors and storing information. Additionally, there is an operating system 3 comprising a TCP kernel 4, and a proprietary TCP user-level stack 5. It will be understood by the skilled person that although TCP is referred to by way of example, other protocols could also be used in accordance with embodiments of the invention. For example, User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP) or Real-Time Transport Protocol (RTP) could be used. Non-Ethernet protocols could be used. The user-level stack is connected to hardware 6 in FIG. 3. The hardware could be a network interface card (NIC). The system shown in FIG. 3 is capable of performing protocol processing. This involves the processing of data packets and of the protocols according to which the data packets are transmitted within computer networks.

In this arrangement there can be one user-level TCP stack 5 for each application that requires one. This can provide better performance than if a stack is shared between applications. Each stack is located in the same address space as the application that it serves.

The socket library maintains a table 40, shown in FIG. 4, incorporating identifiers of file descriptors and their ownership. In general, ownership applies to control of access to elements within a computer system. For example, a network interface 6 (typically a port on a network interface card) could link a data processing system to a series of other computers, and the data processing system could be similarly linked by a further network interface to another series of computers. If it is desired to send a packet of data from the data processing system to a specific one of the computers, the correct network interface must be selected in order to successfully transmit the packet to the correct computer. In this case, the term “ownership” refers to the identity of the interfaces. Thus “ownership” typically refers to the allocation of a resource to an entity such as a process, which may imply that access to that resource is limited to that entity.

In the present example illustrated by FIG. 3, the computer system has a kernel (K) 4 and a proprietary user-level stack 5 which will be referred to (by way of example only) as a Level 5 (or L5) stack. The L5 stack is associated with its own library which is interposed in the system. The ownership of file descriptors in use in the system is defined according to which network interface the file descriptor is associated with. In this case, the ownership can have three values in: L5; K; or unknown/indeterminate. These values could be indicated explicitly or by way of binary flags. The descriptor table maintained by the socket library indicates whether each descriptor is owned by L5, owned by K, or of unknown ownership. Exemplary entries in the table 40 are shown in FIG. 4. The descriptor numbers are listed in the left column and an indication of the ownership of each descriptor is shown in the right column. Thus, the table shows that descriptor number 0 has been determined to be owned by L5, descriptor numbers 3 and 6 are of unknown ownership and descriptor number 4 is owned by the kernel. The table 40 is preferably stored securely such that users cannot access it directly and corrupt it by changing pointers in the table.

In FIG. 2, a series of operations is illustrated. An application 1 invokes a socket( ) syscall 10 through the socket API 2, requesting that a new file descriptor be created. This could alternatively be achieved for example by using an open( ) call. In the present example, the application could be a webserver which creates a new descriptor which accepts new connections and then forks( ) a new process for each concurrent user. In the example, the server is initializing, and so a socket( ) call is made by the application.

At step 11 the socket library, which may be a standalone library or alternatively its functionality could be incorporated in a single system library such as libc invokes a syscall trap which causes execution to switch to the operating system. The operating system determines the syscall source and executes internal socket creation code within its network subsystem. This code will request a new file descriptor. The operating system checks its descriptor table and selects a descriptor D suitable for this application and then assigns it to the new file associated with the new user. An identifier of the selected descriptor D is then sent in step 12 by the operating system 3 to the socket 2.

In prior art systems, the passing of the syscall from the application to the socket library, and the invoking of the resulting system call at the socket is generally unhindered. In contrast, in the present system, the call is intercepted before it reaches the socket library. The intercepted message 12 is checked by the L5 socket library, and an identifier of the descriptor D is entered in the table 40, with an indication of indeterminate ownership. An extract of the table 40 is shown below step 12 in FIG. 2.

An identifier of the descriptor D in the message 12 is then transmitted to the requesting application 1 in step 13. The application may then include this descriptor in further syscalls which it transmits, enabling the relevant file to be identified.

Syscalls can be thought of as functions taking a series of arguments which cause execution of the CPU to switch to a privileged level and start executing the operating system. Here the syscalls are denoted 1 to N. A given syscall will be composed of a specific list of arguments, and the combination of arguments will vary depending on the type of syscall.

In this embodiment, a network route table is maintained by the operating system 3 storing arguments and their associated routes including interfaces within the routes. The network route table typically stores network subnet address masks and their associated network interfaces. A given network address is matched against the table in such a way that the most specifically defined route can be chosen.

This table contains all external network routing rules for the computer system. The table is also associated with an API which enables entries in the table to be added or deleted. Because the route table is held in the OS a user-level stack would waste time making system calls to determine the route of packets being transmitted. To avoid this a local copy of the route table (and other control plane tables such as the list of network interfaces and the address resolution protocol (ARP) table) is maintained in the context of the user-level application. In the system of this example, the L5 stack is registered with the operating system to receive updates when the route table changes. The table is thereby copied into the L5 stack and if an application's route changes, the relevant information will be relayed to the L5 stack.

The L5 user-level stack provides a “look up route” function which, on receiving a request, can return details of whether or not a specified route goes through an interface associated with the L5 stack (in this example an L5 interface). This function will check a generation count to determine whether its cached route table state is still valid. If so it can use cached state, otherwise it needs to either make a system call or consult shared memory pages onto valid route table entries. Thus, a change can be indicated in a two-step process. First incrementing a “generation counter” means that the socket library knows quickly that something has changed. Then, once off the fast path, the socket library can determine the new state.

In step 14, another syscall is sent from the application 1. In this example it is a connect( ) syscall, specifying an address for connection which could be in another machine. The socket library 2 intercepts the message 14, determines the type of syscall and looks it up in a further table. If it is a type from which it will not be possible to determine the ownership of a descriptor, no further processing of the message is performed to establish the ownership. An entry already exists in the table 40 for the descriptor D, and the ownership indicated in the table will remain unchanged, as indeterminate. Information and the descriptor D in the message 14 will then be checked by the socket 2 to establish whether the message should be passed to the kernel or the L5 stack, and it will then be transmitted within the system to the appropriate interface.

On the other hand, if the syscall 14 is determined by the socket library to be of a type that could identify the ownership of the descriptor, the syscall will be further analyzed. In the present example, the message is a connect request and so it will be further analyzed. This analysis includes identifying the descriptor D and any arguments included in the message. The arguments can then be analyzed by the socket library by means of a “look up route” request. The route table copied into the L5 stack will then be checked and an associated interface can thereby be identified. The ownership of the descriptor D is assumed to be the same as that of the interface, and the ownership data in the table 40 against descriptor D can then be updated. The socket library can thus identify whether the descriptor should be passed to the operating system 3 (or, more specifically, the kernel 4) or to the proprietary user-level stack 5. In the present example, the syscall 14 is determined to be directed to a L5 interface, and the descriptor D is therefore taken to be a L5 descriptor. The table 40 is updated with a positive indication of L5 ownership, as shown below step 14 in FIG. 2, and the syscall will be passed to the L5 stack which will perform the required operation within the application context.

When a subsequent message identifying descriptor D passes through the socket 2, the socket library can simply determine the descriptor from the message and look up that descriptor in the locally stored table 40 to determine its presumed ownership. Messages incorporating a descriptor owned by L5 will be intended to be passed directly down from the socket 2 to the L5 user-level stack 5 shown in FIG. 3. Because the ownership of the descriptor D is determined from the table 40 as being L5, messages intercepted by the socket library incorporating an identifier of the descriptor D will be passed directly down to the L5 stack 5 without first being sent to the operating system 3. Therefore, by means of embodiments of the present invention, only a simple analysis of a message passing through the socket library is required in order to be able to establish the appropriate part of the stack to which to pass the message. The high overhead in processing instructions to determine a path is thereby avoided. Preferably, if the ownership of a descriptor is indeterminate, any message incorporating that descriptor will be sent to the operating system by default.

When a file is to be closed, a destructor syscall (usually close( )) is sent from the application 1 and intercepted by the socket library 2. The socket library can then identify that the descriptor is to be destroyed and remove the entry for that descriptor from the table 40. Then, when the descriptor is subsequently re-used by the operating system and assigned to a new process, the socket library can intercept the message from the operating system identifying the newly-assigned descriptor, as described above in relation to step 12 of FIG. 2. Alternatively, the entry could remain in the table and the associated indication of its ownership could be modified to show that its ownership is unknown. Alternatively, the default setting for a descriptor's ownership could be “operating system”.

The information stored in the table 40 may become obsolete when routing instructions within the computer system change. This could happen as a result of policy changes, for example when an application no longer runs with Level 5, or, more commonly, as a result of load balancing decisions within the computer system or other route updates caused by network topology changes. The information in the table 40 should be checked when such a change occurs. A convenient way of arranging the checking procedure is to reset a descriptor's ownership to indeterminate (or K) when such a change occurs so that until the correct new ownership information can be obtained a full processing operation will be carried out for the routing of messages to the operating system or the L5 stack via the socket 2. More generally a single generation counter is associated with each user-level socket state. Incrementing this counter will cause the L5 user stack to leave its fast path processing and determine the state change.

In a typical system as shown in FIG. 3, each application 1 has its own user-level TCP stack 5 by which it can communicate with its hardware 6. This enables shorter processing times because the application need not share the stack with other applications. As stated above, the stack 5 is in the same address space as its corresponding application. Additionally, each stack 5 is associated with a dedicated driver (not shown) in the kernel 4 of the operating system. In this arrangement, when the application 1 attempts to open a descriptor that is being used by the stack 5, for example a descriptor for accessing the TCP driver in the kernel 4, the operating system 3 cannot identify that there is a conflict because the stack 5 and the application 1 are in the same address space. The conflict arises due to the fact that in order for the L5 stack to operate it requires operating system descriptors, and these descriptors must be allocated from the same address space as the descriptors used by the application. However, the application has no a prior knowledge of the existence of the L5 stack.

A specific example will now be described. The operating system 3 allocates descriptor number 42 for use by the L5 TCP stack 5. The application 1 then sends a Dup2(X,42) call, requesting that descriptor 42 becomes a copy of descriptor X. If this instruction were executed by the operating system it would cause a conflict because descriptor 42 is already in use to identify the stack. Normally such a conflict would be avoided by the operating system preventing one process from having access to a descriptor that is already in use by another process. However, in this case the application and the user-level stack 5 occupy the same application space as far as the operating system is concerned, and so the operating system could not normally allow this Dup2( ) call to proceed, unless the application were to first close the existing resource having descriptor 42. To avoid such a conflict, the socket library 2 intercepts Dup2( ) calls and identifies whether they request a descriptor assigned to the stack to be redefined. The socket library checks in the table 40, which additionally includes a flag indicating whether each descriptor is a private L5 user-level stack descriptor, and if it determines that there will be a clash, a series of operations is carried out by the socket library.

Thus, the socket library intercepts the syscall Dup2(X,42) from the application 1, which is an attempt to transform descriptor X into descriptor 42. The socket library checks the table 40 for a flag indicating that 42 is private to the L5 stack. It determines that it is, and blocks the application's thread, as would happen for any syscall. The library obtains a lock on descriptor 42 to prevent other actions being carried out in relation to it. The library then sends a Dup2(42,Y) call to the operating system, requesting that the current definition of descriptor 42 is duplicated at some unused descriptor Y, so that the stack can subsequently operate with descriptor Y.

If this call fails, for example due to an internal error within the stack 5, the socket library forges a message to the application 1 to indicate that the Dup2(X,42) call from the application failed. On the other hand, if the Dup2(42,Y) call succeeds, the application's thread is released, and the Dup2(X,42) call can be forwarded by the socket library to the operating system. When the socket library receives a response from the operating system indicating that the Dup2(42,Y) call was successful, it forwards a response to the application, which the application interprets as being confirmation that its Dup2(X,42) call succeeded. The application can then use descriptor 42 and the stack can use the new descriptor Y, and the potential conflict is thus prevented.

The sequence of operations described above can involve a high processing overhead, so to inhibit an application from requesting the use of a descriptor that is in use by the stack, it is preferred that such a descriptor is marked by the operating system as reserved. The operating system would then be unlikely to inform an application that such a descriptor is available and so it is unlikely that the application will request the use of such a descriptor.

The dup2( ) instruction is an example of an instruction to duplicate a descriptor that is used in the Unix and Linux operating systems. Other operating systems may be responsive to other instructions to perform functionally equivalent duplication of descriptors, and similar techniques can be applied to avoid conflicts in those operating systems too.

When a fork( ), exec( ) sequence is performed on an application, the child application can retain the file descriptors of the parent application in such a way that all details of the parent application except the file descriptors are destroyed. By virtue of fork/exec operations with respect to a single user-level transport library, multiple applications can eventually be mapped onto the same state in an operating system. This can lead to considerable contention for the lock, which can be inefficient as applications are generally required to spin or block while they await access to the state.

When a new application is created, it acquires a process ID (PID) which is unique within a host. According to one embodiment as shown in FIG. 5, an exec table 51 is maintained by the L5 operating system 5 in which each record has a PID, pointers to a system-wide file descriptor table 52 which contains pointers to state 53 in the operating system, and file descriptors that are used by that PID, for example having been preserved following an exec( ) call.

In one embodiment, the socket library 2 intercepts an exec( ) call and can read it to reconstruct state data for a new L5 process. When the library has intercepted the exec( ) call, an entry is made in the exec table 51 and the exec( ) call is processed. The new process then starts, and a new L5 library is set up. The init( ) of the new library involves checking via an access of the L5 file descriptor to the exec table 51 of the operating system 5, and the exec table 51 is recreated as a new table (not shown in FIG. 5) in the library. This table can record details of whether a file descriptor has been involved in an exec( ) operation. This table could be the same as the table 40, but preferably it is separate. For efficiency reasons this table can be reconstructed in a “lazy” manner as the new application attempts to access each file descriptor.

The system-wide table 52 maintained by the operating system 5 can keep track of file descriptors which have been preserved following a fork-exec operation. This system-wide table records which file descriptors are in use for which applications. Each file descriptor is assigned a reference number by the operating system 5 which is unique across the system. This can be necessary because two applications which do not communicate with each other can use identical file descriptor numbers without any conflicts occurring. However, it is convenient to be able to identify a particular file descriptor in use by a particular application with a unique number.

The system-wide table 52 also stores pointers for each file descriptor to state 53 within the system. The state associated with a file descriptor of a child process will typically be the same as the state associated with its parent process and the process of reconstruction requires that the newly exec-ed application makes system calls to the L5 driver in order to reattach to the shared state.

As stated above, it can occur that due to multiple fork-exec operations many processes come to be sharing the same state. This is inefficient since a process would have to await access to a lock on the state and this generally involves blocking. To reduce such contention, the operating system 5 preferentially assigns new memory space (a new network interface) to each forked application as it requests its first new file descriptor.

The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein, and without limitation to the scope of the claims. The applicant indicates that aspects of the present invention may consist of any such individual feature or combination of features. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.

While various embodiments of the invention have been described, it will be apparent to those of ordinary skill in the art that many more embodiments and implementations are possible that are within the scope of this invention. In addition, the various features, elements, and embodiments described herein may be claimed or combined in any combination or arrangement. 

What is claimed is:
 1. A method performed in a computer system for controlling processing of an instruction in user mode or kernel mode, the method comprising: receiving a first instruction including an indication of a socket; determining an ownership of the socket; based on the determined ownership of the socket, storing in a data structure an indication of the ownership of the socket, wherein the socket is owned by an entity from a list, said list comprising a kernel of the computer system and a user-level entity of the computer system; in response to receiving a subsequent instruction including an indication of the socket: using the data structure to identify ownership of the socket for the subsequent instruction; passing the subsequent instruction to an operating system of the computer system for processing at the kernel if the data structure indicates ownership by the kernel for that socket; and passing the subsequent instruction to the user-level entity for processing at the user-level entity if the data structure indicates ownership by the user-level entity for that socket.
 2. A method as claimed in claim 1, performed by a socket library in the computer system.
 3. A method as claimed in claim 2, wherein the socket library contains a TCP/IP stack.
 4. A method as claimed in claim 2 wherein the data structure is stored at the socket library.
 5. A method as claimed in claim 1, wherein the indication of ownership is an ownership from the list comprising A, B and C, where: A indicates ownership by the kernel of the operating system in the computer system; B indicates ownership by another owner; and C indicates unknown ownership.
 6. A method as claimed in claim 5, further comprising: receiving an indication that the ownership of the socket may have changed; and changing an entry in the data structure to indicate the ownership of the socket as C.
 7. A method as claimed in claim 1, wherein the first instruction is a system call.
 8. A method as claimed in claim 1, wherein the socket is identified by a descriptor, and wherein the descriptor is a file descriptor.
 9. A method as claimed in claim 1, further comprising: accessing the data structure to determine the ownership of the socket; and routing the subsequent instruction based on the determined ownership of the socket.
 10. The method of claim 9 wherein routing the subsequent instruction further comprises: in accordance with the determined ownership of the socket, determining a route; and transmitting the subsequent instruction in accordance with the determined route.
 11. The method of claim 1 wherein the computer system is arranged to perform protocol processing and transmit data via an interface on the basis of instructions in accordance with a route.
 12. A method as claimed in claim 1, wherein the step determining the ownership of the socket occurs in response to determining that the ownership of the socket is unknown.
 13. A method as claimed in claim 1, wherein the step of determining the ownership of the socket occurs in response to a change in the value of a counter.
 14. A method as claimed in claim 1, wherein the first instruction further includes a network address, and the step of determining an ownership of the is socket is carried out in dependence upon the network address.
 15. A non-transitory computer readable medium carrying a program for controlling a computer system to process an instruction in user mode or kernel mode, the program being configured to execute on one or more processors of the computer system to perform the steps of: receiving a first instruction including an indication of a socket; determining an ownership of the socket; based on the determined ownership of the socket, storing in a data structure an indication of the ownership of the socket, wherein the socket is owned by an entity from a list, said list comprising a kernel of the computer system and a user level entity of the computer system; in response to receiving a subsequent instruction including an indication of the socket: using the data structure to identify ownership of the socket for the subsequent instruction; passing the subsequent to an operating system of the computer system for processing at the kernel if the data structure indicates ownership by the kernel for that socket; and passing the subsequent to the user-level entity for processing at the user-level entity if the data structure indicates ownership by the user-level entity for that socket.
 16. A computer system comprising one or more processors configured to process instructions in user mode or kernel mode, the one or more processors being configured to execute instructions to perform the steps of: receiving a first instruction including an indication of a socket; determining an ownership of the socket; based on the determined ownership of the socket, storing in a data structure an indication of the ownership of the socket, wherein the socket is owned by an entity from a list, said list comprising a kernel of the computer system and a user level entity of the computer system; in response to receiving a subsequent instruction including an indication of the socket: using the data structure to identify ownership of the socket for the subsequent instruction; passing the subsequent to an operating system of the computer system for processing at the kernel if the data structure indicates ownership by the kernel for that socket; and passing the subsequent to the user-level entity for processing at the user-level entity if the data structure indicates ownership by the user-level entity for that socket. 